<?php

//defined( '_VALID_MOS' ) or die( 'Restricted access' );


define( '_JEXEC', 1 );
define('JPATH_BASE', dirname(__FILE__) . "/../t2" );
define( 'DS', DIRECTORY_SEPARATOR );
require_once ( JPATH_BASE .DS.'includes'.DS.'defines.php' );
require_once ( JPATH_BASE .DS.'includes'.DS.'framework.php' );

$mainframe =& JFactory::getApplication('site');
$mainframe->initialise();

$mainframe->route();
$user =& JFactory::getUser();


$categoryid=0;
$page_size=5;
require "jumi_dbconfig.php";

$this_username = $user->username;
$this_useremail = $user->email;
$this_userid = $user->id;
$this_usertype = $user->usertype;


function SendCommandSF($command,$para1,$para2 ) {
    switch ($command)
    {
	case "POST":
		return PostComment(urldecode($para1),$para2);	
		break;
	case "UP":
		return Vote("UP",$para1);	
		break;
	case "DOWN":
		return Vote("DOWN",$para1);	
		break;
	case "HIDE":
		return Admin("HIDE",$para1);	
		break;


    }
    return "OK";
}

function Admin($mode, $commentid)
{
	global $this_username;
	global $this_userid;
	global $eventid;
	global $db;
	if ($this_username =="" )
	{
		return "NOTLOGIN";
	}
	switch ( $mode )
	{
		case "HIDE":
			$published=0;
			break;
		case "SHOW":
			$published=1;
			break;
	} 
	
	$query = sprintf("update comment set published=%d where id=%d or parentid=%d ",
		$published,$commentid,$commentid);
	try  {
		$result = mysql_query("$query",$db) ;
	}
 	catch (Exception $e)
	{
		return "ADMINFAILED:$commentid";
	}
	return "ADMINOK:$commentid";
}

function Vote($mode, $commentid)
{
	global $this_username;
	global $this_userid;
	global $eventid;
	global $db;
	if ($this_username =="" )
	{
		return "NOTLOGIN";
	}
	switch ( $mode )
	{
		case "UP":
			$up=1;
			$down=0;
			break;
		case "DOWN":
			$up=0;
			$down=1;
	} 
	
	$query= "delete from comment_vote where commentid=$commentid and userid=$this_userid ";
	$result = mysql_query("$query",$db) ;
	$query = sprintf("INSERT INTO comment_vote (commentid,userid,up_vote,down_vote) VALUES ('%d','%d','%d','%d')",
		$commentid,$this_userid,$up,$down );
	try  {
		$result = mysql_query("$query",$db) ;
	}
 	catch (Exception $e)
	{
		return "VOTEFAILED:$commentid";
	}
	return "VOTEOK:$commentid";
}
function PostComment($comment,$commentid)
{
	global $this_username;
	global $this_userid;
	global $eventid;
	global $db;
	if ($this_username =="" )
	{
		return "NOTLOGIN";
	}
	if ( $commentid<=0) //	first post
	{
		$query = sprintf("INSERT INTO comment (eventid,userid,username,comment) VALUES ('%d','%d','%s','%s')",
			mysql_real_escape_string($eventid),
			mysql_real_escape_string($this_userid),
			mysql_real_escape_string($this_username),
			mysql_real_escape_string($comment) );
	}
	else // reply
	{
		$query = sprintf("INSERT INTO comment (eventid,parentid,userid,username,comment) VALUES (%d,%d,%d,'%s','%s')",
			mysql_real_escape_string($eventid),
			mysql_real_escape_string($commentid),
			mysql_real_escape_string($this_userid),
			mysql_real_escape_string($this_username),
			mysql_real_escape_string($comment) );
	}
	try  {
		$result = mysql_query("$query",$db) or die ("Error in query: $query. " . mysql_error());
	}
 	catch (Exception $e)
	{
		return "FAILED";
	}
	return "OK";
}


    require("sajax/sajax.php");
//    $sajax_debug_mode = true;

    $sajax_failure_redirect = "http://sajax.info/sajaxfail.html";
    sajax_export("SendCommandSF");
    sajax_handle_client_request();


?>
<html>
<head>
<link rel=StyleSheet href="criticizethis.css" type="text/css">

</head>

<script type="text/javascript" src="sajax/json2.stringify.js"></script>
<script type="text/javascript" src="sajax/json_stringify.js"></script>
<script type="text/javascript" src="sajax/json_parse_state.js"></script>
<script type="text/javascript" src="sajax/sajax.js"></script>

<script>

<?
	sajax_show_javascript();
?>
function FIND(item) {
   if( window.mmIsOpera ) return(document.getElementById(item));
   if (document.all) return(document.all[item]);
   if (document.getElementById) return(document.getElementById(item));
   return(false);
};

function SendCommand_callback( result) {
	
        if ( result == "NOTLOGIN" )
        {
		mymessage.innerHTML="Please login first.";
        }
        if ( result == "OK" )
        {
		mycomment.value="";
		mymessage.innerHTML="Comment submitted";
		window.location.reload();
        }
        if ( result.indexOf("VOTEOK:")== 0 )
        {
		start=result.indexOf (":")+1;
		commentid=result.substr(start,result.length-start );
		obj=FIND("mymessage_" + commentid );
		//alert(commentid);
		obj.innerHTML="Vote OK. ";
		window.location.reload();
	}
        if ( result.indexOf("VOTEFAILED:")== 0 )
        {
		start=result.indexOf (":")+1;
		commentid=result.substr(start,result.length-start );
		obj=FIND("mymessage_" + commentid );
		obj.innerHTML="Vote failed. You can't vote twice on same comment.";
	}
        if ( result.indexOf("ADMINOK:")== 0 )
        {
		start=result.indexOf (":")+1;
		commentid=result.substr(start,result.length-start );
		obj=FIND("mymessage_" + commentid );
		//alert(commentid);
		obj.innerHTML="Comment hidden. ";
		window.location.reload();
	}
}

function SendCommand(command, para1,para2)
{
        x_SendCommandSF(command, para1,para2, SendCommand_callback);
}
function VoteUp( commentid)
{
	SendCommand("UP",commentid,"");
}

function VoteDown( commentid)
{
	SendCommand("DOWN",commentid,"");
}
function ShowReply( commentid)
{
	div=FIND("divreply_"+commentid);
	div.innerHTML="<br>Reply comment: <br><textarea id=ta_reply"+ commentid + " cols=90 rows=3></textarea><br><input type=button onclick='javascript:HideReplyWindow("+ commentid +")' value=Cancel><input type=button onclick='javascript:ReplyComment("+ commentid + ")' value=Post>";
}

function HideReplyWindow( commentid)
{
	div=FIND("divreply_"+commentid);
	div.innerHTML="";

}

function Hide( commentid)
{
	SendCommand("HIDE",commentid,"");
}


function ReplyComment(commentid)
{
	obj=FIND("ta_reply" + commentid);
	msg=FIND("mymessage_" + commentid);
	if ( obj.value =="" )
	{
		msg.innerHTML="please type in a reply, then submit.";
		return;
	}
	if ( obj.value.length >1000  )
	{
		msg.innerHTML="Comment too long.";
		return;
	}
	SendCommand("POST",encodeURI(obj.value),commentid );
}

function PostComment()
{
	if ( mycomment.value =="" )
	{
		mymessage.innerHTML="please type in a comment, then submit.";
		return;
	}
	if ( mycomment.value.length >1000  )
	{
		mymessage.innerHTML="Comment too long.";
		return;
	}
	SendCommand("POST",encodeURI (mycomment.value) ,0 );
}

</script>

<h1><font color="#666666"><a href="latest_stories.php">Back to Main Page</a></font></h1>

<h1><font color="#666666">All Stories</font></h1>
<?

try {
	$start= intval($_REQUEST["start"]);
}
catch (Exception $e )
{
	$start=0;
}
$query = "SELECT a.*,date_format(a.datecreated,'%Y-%m-%d %H:%i') as date1 FROM critizethis_story a where a.categoryid = '$categoryid' and a.published=1 order by a.id desc limit $start,$page_size";


$result = mysql_query($query,$db) or die (" died on query: ". $query);
while ($myrow = mysql_fetch_array($result))
{

        $story_id = stripslashes($myrow["id"]);
        $story_desc = stripslashes($myrow["description"]);
        $story_title = stripslashes($myrow["title"]);
        $story_datecreated = stripslashes($myrow["date1"]);
        $story_link= stripslashes($myrow["link"]);


        echo "<a href=\"criticizethis_story.php?id=$story_id\"><b>$story_title</b></a><br><p>$story_desc</p><br>\r";
}


?>

<? 
if ($start >0) {

	$new_start=$start-$page_size;
	if ( $new_start<0)
		$new_start=0;
	echo " &nbsp;<a href=\"latest_stories_all.php?start=$new_start\"><b><<< Previous</b></a>\r";
	
}

$query = "SELECT count(id) as storycount FROM critizethis_story a where a.categoryid = '$categoryid' and a.published=1 ";
$result = mysql_query($query,$db) or die (" died on query: ". $query);
$myrow = mysql_fetch_array($result);
$story_count=$myrow["storycount"];
	
if ($start < $story_count - $page_size ) {
	$new_start=$start + $page_size;
	echo " &nbsp;<a href=\"latest_stories_all.php?start=$new_start\"><b>Next >>></b></a>\r";
}
?>
</body>
</html>
